Siemplify ThreatFuse is a high-end integration, developed by Siemplify developers in accordance with the highest requirements for performance and stability.
The integration’s actions automate all possible use cases related to using threat intelligence in SOAR. Entities from your alerts can now be enriched with information from leading threat feeds, and the result of this enrichment is available in the form of enhanced insights that provide better visibility to an analyst.
ThreatFuse is designed to provide maximum value per action by combining a few simple actions into one, which allows you to create short but efficient playbooks.
The design gives you a lot of flexibility to customize each action’s outcome according to the requirements of your use case.

Connectors:

  • Observables Connector

List of actions:

  • Enrich Entities: Retrieves information about IPs, URLs, hashes, email addresses from Siemplify ThreatFuse.
  • Get Related Hashes: Retrieves entity related hashes based on the associations (actors, companies, vulnerabilities and other malicious indicators) in Siemplify ThreatFuse.
  • Get Related URLs: Retrieves entity related URLs based on the associations (actors, companies, vulnerabilities and other malicious indicators) in Siemplify ThreatFuse.
  • Get Related Domains: Retrieves entity related domains based on the associations (actors, companies, vulnerabilities and other malicious indicators) in Siemplify ThreatFuse.
  • Get Related Email Addresses: Retrieves entity related email addresses based on the associations (actors, companies, vulnerabilities and other malicious indicators) in Siemplify ThreatFuse.
  • Get Related IPs: Retrieves entity related IPs based on the associations (actors, companies, vulnerabilities and other malicious indicators) in Siemplify ThreatFuse.
  • Get Related Associations: Retrieves entity related associations (actors, companies, vulnerabilities and other malicious indicators) from Siemplify ThreatFuse.
  • Submit Observables: Submits an observable to Siemplify ThreatFuse based on IP, URL, Hash, Email entities.
  • Ping: Tests connectivity for the integration.
